NashTech Insights

How to authenticate Azure using Golang

Mohd Muzakkir Saifi
Mohd Muzakkir Saifi
Table of Contents
macbook pro

Hello learners, I am back with another blog. In this blog, we will learn how to use Golang to authenticate Azure using the Azure credential. Let’s learn about the basics of Authentication types and we will see the different types of authentication processes.

Introduction:-

Authentication is a very important and serious aspect when you are working with Azure services using Golang. The authentication process allows you to securely connect to Azure and perform certain operations on various Azure resources using the code. In this blog post, we will explore different authentication methods and learn, how to authenticate Azure services using Golang.

Table of Contents:-

  1. Authentication
  2. Authentication using Service Principal
  3. Managed Identity Authentication
  4. Interactive Authentication
  5. Using Azure SDK for Go

1. Azure Authentication:-

Basically, Azure provides us multiple authentication methods to access its services using the programming language. These methods include Service Principal, Managed Identity, and Interactive Authentication.

  • Service Principal: A service principal is an identity with specific permissions to access Azure resources. It is a non-interactive authentication process.
  • Managed Identity: Managed Identity allows you to assign an identity to your Azure resources. This identity can be used to authenticate with Azure services.
  • Interactive Authentication: Interactive Authentication allows users to authenticate using their Azure credentials interactively like you can use your credential to log in [username and password]. It is useful for scenarios where user consent is required.

2. Authentication using Service Principal:-

Service Principal authentication is widely used for applications that need to access Azure resources. Here are the key steps to authenticate with Azure using a service principal in Golang:

  1. You can create a Service Principal in Azure Active Directory and assign the required permissions.
  2. You need to copy the client ID, client secret, and tenant ID because we will use them to authenticate.
  3. Use the Azure SDK for Go to authenticate with the Service Principal credentials.

3. Managed Identity Authentication:-

Managed Identity allows you to authenticate with Azure services without explicitly managing credentials. Please follow the below step to authenticate Azure services using Managed Identity in Golang:

  1. Assign a Managed Identity to the Azure resource you want to authenticate.
  2. Enable Managed Identity on the resource, which creates a unique identity in Azure AD.
  3. Use the Azure SDK for Go to authenticate with the Managed Identity and obtain an authorization token.
  4. Use that token to access Azure services using programming.

4. Interactive Authentication:-

Interactive Authentication is very easy and suitable for the condition where users need to provide their own credentials by own to authenticate with Azure. You can follow the below step for Authentication in Golang:

  1. Use the Azure SDK to initiate an interactive authentication session.
  2. You will see a login page then you can enter your credential.

5. Using Azure SDK for Go:-

The Azure SDK for Go provides an easy way to authenticate where you can authenticate the credential and then you can interact with Azure. You can follow these steps to use the Azure SDK for Go to authenticate Azure:

  1. Install the Azure SDK for Go by running the following command:
 get github.com/Azure/azure-sdk-for-go
  1. Import the necessary packages in your Go code, such as :
github.com/Azure/azure-sdk-for-go/services/<service>/mgmt/<version>/<service-package>.
  1. Select the required authentication method based on need: Service Principal, Managed Identity, or Interactive Authentication.
  2. Now You can create Azure service clients and perform operations on Azure.

Now we have seen the different ways of authentication of Azure. It’s time to see the demo or a complete process of how we can authenticate our Azure with the go-lang. I have divided the complete process into steps. You can follow them to achieve this goal:-

Prerequisites:-

  • Azure subscription
  • GoLang install

Follow the below steps to authenticate:-

Step 1:-

First of all, you need to install the Azure identity module for Golang. You can use the below command to install the identity module:-

go get -u github.com/Azure/azure-sdk-for-go/sdk/azidentity

Step 2:-

Now, it’s time to choose the authentication method. Here we will authenticate the Azure using golang:-

  1. Define environment variables:- In this option, The DefaultAzureCredential  will use the EnvironmentCredential type to configure authentication using environment variables. We need to export the variable in the system so that DefaultAzureCredential can fetch the variable and establish the connection and it supports three types of authentication. This means You have three options to authenticate. You can choose one of them and export the environment variable:-
    • Service principal with a secret:- We will use client id, tenant id, and client secret in this authentication:-
      • AZURE_CLIENT_ID – Application ID of an Azure service principal
      • AZURE_TENANT_ID – ID of the application’s Azure AD tenant
      • AZURE_CLIENT_SECRET – Password of the Azure service principal
    • Username and password:- We will use a username and password to authenticate:-
      • AZURE_CLIENT_ID – This is the ID of an Azure AD application
      • AZURE_USERNAME – A username (usually an email address)
      • AZURE_PASSWORD – This is the user’s password
    • Service principal with a certificate:- In this authentication, You required only three values which are as below:-
      • AZURE_CLIENT_ID – This is the ID for the Azure AD application.
      • AZURE_TENANT_ID – This is the ID of the application’s Azure AD tenant.
      • AZURE_CLIENT_CERTIFICATE_PATH – This is the Path to a certificate file including a private key.
  2. Use a managed identity:- In this option, applications can use Azure AD tokens instead of credentials. You can export AZURE_CLIENT_ID with the value in your system.
  3. Sign in with Azure CLI:- To support local development, the DefaultAzureCredential can authenticate as the user signed into the Azure CLI. You can run the below command to setup the authorization:-
    • az login
Use DefaultAzureCredential to authenticate ResourceClient:-

Create a new sample Go module named azure-auth to test authenticating to Azure with the DefaultAzureCredential.

  • First, create a directory to test and run the example code
  • Run the below command to create a module:-
go mod init exmaple-auth
  • Run the below command to install the required Azure SDK for Go:-
go get "github.com/Azure/azure-sdk-for-go/sdk/azidentity"
go get "github.com/Azure/azure-sdk-for- go/sdk/resourcemanager/resources/armresources"
  • Create a main.go to the file and paste the below code in it:-
package main


// Import key modules for the code.

import (
  "log"
  "github.com/Azure/azure-sdk-for-go/sdk/azidentity"

  "github.com/Azure/azure-sdk-for- go/sdk/resourcemanager/resources/armresources"
)

// Define the global varible for the function.

var (

// Replace the subscription id in the values.

  subscriptionId = "<subscription ID>"
)

// define the function

func main() {

  cred, err := azidentity.NewDefaultAzureCredential(nil)

  if err != nil {

    log.Fatalf("Authentication failure: %+v", err)

  }

  // Azure SDK Azure Resource Management clients accept  the credential as a parameter

  client, _ := armresources.NewClient(subscriptionId, cred, nil)

  log.Print("Great, You are Authenticated to subscription", client)
}

Now, You can follow the below command to run the code:

go run .

You can check the attached image. You will get this message which says that you are authenticated to the aure.

Conclusion:-

We have explored the different types of authentication and run the go-lang code to authenticate to Azure. As we have many authentication choices so then remember to choose the appropriate authentication method based on your use case. By implementing Azure authentication in your Golang applications, you can advantage of Azure services and build applications.
You can follow this link to know more and I have also written many blogs you can check it here.

Mohd Muzakkir Saifi

Mohd Muzakkir Saifi

Leave a Comment

Your email address will not be published. Required fields are marked *

Suggested Article

%d bloggers like this: